#2: ffffffff8e3357a0 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire include/linux/rcupdate.h:333 [inline]
#2: ffffffff8e3357a0 (rcu_read_lock){....}-{1:2}, at: rcu_read_lock include/linux/rcupdate.h:845 [inline]
#2: ffffffff8e3357a0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0 kernel/locking/lockdep.c:6688
4 locks held by syz-executor.0/10530:
=============================================
rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
rcu: Tasks blocked on level-0 rcu_node (CPUs 0-1): P10530/3:b..l P5117/1:b..l
rcu: (detected by 0, t=10502 jiffies, g=49933, q=216 ncpus=2)
task:syz-executor.1 state:R running task stack:18480 pid:5117 tgid:5117 ppid:5113 flags:0x00004006
Call Trace:
context_switch kernel/sched/core.c:5249 [inline]
__schedule+0x17e8/0x4a20 kernel/sched/core.c:6594
preempt_schedule_common+0x84/0xd0 kernel/sched/core.c:6773
preempt_schedule+0xe1/0xf0 kernel/sched/core.c:6797
preempt_schedule_thunk+0x1a/0x30 arch/x86/entry/thunk.S:12
__raw_spin_unlock include/linux/spinlock_api_smp.h:143 [inline]
_raw_spin_unlock+0x3e/0x50 kernel/locking/spinlock.c:186
spin_unlock include/linux/spinlock.h:391 [inline]
copy_pte_range mm/memory.c:1191 [inline]
copy_pmd_range+0x7ad5/0x8500 mm/memory.c:1252
copy_pud_range mm/memory.c:1289 [inline]
copy_p4d_range mm/memory.c:1313 [inline]
copy_page_range+0x99f/0xe90 mm/memory.c:1411
dup_mmap kernel/fork.c:749 [inline]
dup_mm kernel/fork.c:1674 [inline]
copy_mm+0x11ea/0x1f30 kernel/fork.c:1723
copy_process+0x186b/0x3d90 kernel/fork.c:2376
kernel_clone+0x226/0x8f0 kernel/fork.c:2788
__do_sys_clone kernel/fork.c:2931 [inline]
__se_sys_clone kernel/fork.c:2915 [inline]
__x64_sys_clone+0x258/0x2a0 kernel/fork.c:2915
do_syscall_x64 arch/x86/entry/common.c:52 [inline]
do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7fee5707a0d3
RSP: 002b:00007ffe1b3bc948 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fee5707a0d3
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011
RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
R10: 0000555559e7b750 R11: 0000000000000246 R12: 0000000000000000
R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001
task:syz-executor.0 state:R running task stack:22384 pid:10530 tgid:10529 ppid:7626 flags:0x00000006
Call Trace:
context_switch kernel/sched/core.c:5249 [inline]
__schedule+0x17e8/0x4a20 kernel/sched/core.c:6594
preempt_schedule_irq+0xfb/0x1c0 kernel/sched/core.c:6916
irqentry_exit+0x5e/0x90 kernel/entry/common.c:354
asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702
RIP: 0010:fib_lookup+0x1ce/0x450 include/net/ip_fib.h:387
Code: e8 0c ac f7 4d 85 ed 74 31 4c 89 ef 4c 89 fe 4c 89 e2 b9 01 00 00 00 e8 80 f0 1f 00 41 89 c5 31 ed 31 ff 89 c6 e8 02 11 ac f7 <45> 85 ed 0f 84 bd 00 00 00 e8 b4 0c ac f7 eb 0b e8 ad 0c ac f7 41
RSP: 0018:ffffc90003d26c98 EFLAGS: 00000297
RAX: 0000000000000002 RBX: ffff88805f1f1d00 RCX: 0000000000040000
RDX: ffff888025c5bc00 RSI: 00000000fffffff5 RDI: 0000000000000000
RBP: 0000000000000000 R08: ffffffff89e76e0e R09: 1ffffffff1f5dbbd
R10: dffffc0000000000 R11: fffffbfff1f5dbbe R12: ffffc90003d26dc0
R13: 00000000fffffff5 R14: dffffc0000000000 R15: ffffc90003d26f80
ip_route_output_key_hash_rcu+0x284/0x2390 net/ipv4/route.c:2734
ip_route_output_key_hash+0x193/0x2b0 net/ipv4/route.c:2624
__ip_route_output_key include/net/route.h:140 [inline]
ip_route_output_flow+0x29/0x140 net/ipv4/route.c:2852
ip_route_output_key include/net/route.h:150 [inline]
sctp_v4_get_dst+0xc7f/0x14a0 net/sctp/protocol.c:508
sctp_transport_route+0x12c/0x2e0 net/sctp/transport.c:455
sctp_packet_config+0x460/0xdb0 net/sctp/output.c:103
sctp_outq_select_transport+0x474/0x580 net/sctp/outqueue.c:869
sctp_outq_flush_ctrl net/sctp/outqueue.c:903 [inline]
sctp_outq_flush+0x4c3/0x3e20 net/sctp/outqueue.c:1212
sctp_side_effects net/sctp/sm_sideeffect.c:1198 [inline]
sctp_do_sm+0x59cc/0x60c0 net/sctp/sm_sideeffect.c:1169
sctp_primitive_ASSOCIATE+0x95/0xc0 net/sctp/primitive.c:73
sctp_sendmsg_to_asoc+0xfa5/0x1800 net/sctp/socket.c:1841
sctp_sendmsg+0x1bc3/0x3520 net/sctp/socket.c:2031
sock_sendmsg_nosec net/socket.c:730 [inline]
__sock_sendmsg+0x1a6/0x270 net/socket.c:745
____sys_sendmsg+0x525/0x7d0 net/socket.c:2597
___sys_sendmsg net/socket.c:2651 [inline]
__sys_sendmsg+0x2b0/0x3a0 net/socket.c:2680
do_syscall_x64 arch/x86/entry/common.c:52 [inline]
do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f34db67d0a9
RSP: 002b:00007f34dc3ca0c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
RAX: ffffffffffffffda RBX: 00007f34db7b3f80 RCX: 00007f34db67d0a9
RDX: 0000000000000000 RSI: 00000000200002c0 RDI: 0000000000000005
RBP: 00007f34db6ec074 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 000000000000000b R14: 00007f34db7b3f80 R15: 00007ffe2b01cd98
rcu: rcu_preempt kthread starved for 10576 jiffies! g49933 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0
rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
rcu: RCU grace-period kthread stack dump:
task:rcu_preempt state:R running task stack:25656 pid:17 tgid:17 ppid:2 flags:0x00004000
Call Trace:
context_switch kernel/sched/core.c:5249 [inline]
__schedule+0x17e8/0x4a20 kernel/sched/core.c:6594
__schedule_loop kernel/sched/core.c:6671 [inline]
schedule+0x14b/0x320 kernel/sched/core.c:6686
schedule_timeout+0x1be/0x310 kernel/time/timer.c:2581
rcu_gp_fqs_loop+0x2df/0x1330 kernel/rcu/tree.c:2020
rcu_gp_kthread+0xa7/0x3b0 kernel/rcu/tree.c:2222
kthread+0x2f0/0x390 kernel/kthread.c:389
ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:144
ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244
rcu: Stack dump where RCU GP kthread last ran:
CPU: 0 UID: 0 PID: 10522 Comm: syz-executor.2 Not tainted 6.10.0-rc4-next-20240621-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
RIP: 0010:finish_task_switch+0x1ea/0x870 kernel/sched/core.c:5123
Code: c9 50 e8 69 b8 0b 00 48 83 c4 08 4c 89 f7 e8 dd 38 00 00 e9 de 04 00 00 4c 89 f7 e8 30 a6 34 0a e8 ab 84 37 00 fb 48 8b 5d c0 <48> 8d bb f8 15 00 00 48 89 f8 48 c1 e8 03 49 be 00 00 00 00 00 fc
RSP: 0018:ffffc90004667808 EFLAGS: 00000286
RAX: 2f29dca9afb75d00 RBX: ffff888020530000 RCX: ffffffff947dc803
RDX: dffffc0000000000 RSI: ffffffff8bcac8a0 RDI: ffffffff8c206c80
RBP: ffffc90004667850 R08: ffffffff8faeddef R09: 1ffffffff1f5dbbd
R10: dffffc0000000000 R11: fffffbfff1f5dbbe R12: 1ffff11017287ec7
R13: dffffc0000000000 R14: ffff8880b943e8c0 R15: ffff8880b943f638
FS: 0000555576e5f480(0000) GS:ffff8880b9400000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000001b2ea43000 CR3: 000000004f7f4000 CR4: 00000000003506f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
context_switch kernel/sched/core.c:5252 [inline]
__schedule+0x17f0/0x4a20 kernel/sched/core.c:6594
preempt_schedule_common+0x84/0xd0 kernel/sched/core.c:6773
preempt_schedule+0xe1/0xf0 kernel/sched/core.c:6797
preempt_schedule_thunk+0x1a/0x30 arch/x86/entry/thunk.S:12
__raw_spin_unlock_irq include/linux/spinlock_api_smp.h:160 [inline]
_raw_spin_unlock_irq+0x44/0x50 kernel/locking/spinlock.c:202
spin_unlock_irq include/linux/spinlock.h:401 [inline]
__set_current_blocked+0x310/0x380 kernel/signal.c:3099
set_current_blocked kernel/signal.c:3083 [inline]
signal_delivered kernel/signal.c:2945 [inline]
signal_setup_done+0x39e/0x600 kernel/signal.c:2957
handle_signal arch/x86/kernel/signal.c:285 [inline]
arch_do_signal_or_restart+0x4e9/0x830 arch/x86/kernel/signal.c:312
exit_to_user_mode_loop kernel/entry/common.c:111 [inline]
exit_to_user_mode_prepare include/linux/entry-common.h:328 [inline]
__syscall_exit_to_user_mode_work kernel/entry/common.c:207 [inline]
syscall_exit_to_user_mode+0xc9/0x370 kernel/entry/common.c:218
do_syscall_64+0x100/0x230 arch/x86/entry/common.c:89
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f025c2a4830
Code: 83 c0 16 83 e0 f7 74 12 50 48 8d 3d da 99 04 00 e8 15 78 fa ff 0f 1f 44 00 00 c3 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 <83> ff 21 74 0b c3 66 2e 0f 1f 84 00 00 00 00 00 55 53 48 89 f3 48
RSP: 002b:00007fffd6ae81b8 EFLAGS: 00000293 ORIG_RAX: 00000000000000e6
RAX: 0000000000000000 RBX: 00007f025c3b3f80 RCX: 00007f025c2a84b5
RDX: 00007fffd6ae81c0 RSI: 00007fffd6ae82f0 RDI: 0000000000000021
RBP: 00007f025c3b5980 R08: 0000000000000000 R09: 7fffffffffffffff
R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000065dc8
R13: 00007f025c3b405c R14: 0000000000000032 R15: 00007f025c3b5980
DEBUG: holding rtnl_mutex for 10875 jiffies.
task:syz-executor.3 state:R running task stack:22736 pid:10518 tgid:10517 ppid:8697 flags:0x00004006
Call Trace:
context_switch kernel/sched/core.c:5249 [inline]
__schedule+0x17e8/0x4a20 kernel/sched/core.c:6594
preempt_schedule_irq+0xfb/0x1c0 kernel/sched/core.c:6916
irqentry_exit+0x5e/0x90 kernel/entry/common.c:354
asm_sysvec_reschedule_ipi+0x1a/0x20 arch/x86/include/asm/idtentry.h:707
RIP: 0010:synchronize_rcu+0x0/0x360 kernel/rcu/tree.c:3965
Code: e1 07 80 c1 03 38 c1 0f 8c 97 fe ff ff 4c 89 f7 e8 a5 15 80 00 e9 8a fe ff ff 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1e fa 55 48 89 e5 41 57 41 56 41 55 41 54 53 48 83 e4 e0 48
RSP: 0018:ffffc900030a6e18 EFLAGS: 00000206
RAX: dffffc0000000000 RBX: 1ffff92000614dcc RCX: ffffffff947dc803
RDX: 0000777d58bc7d01 RSI: ffffffff8bcad580 RDI: ffffffff8c206c80
RBP: ffffc900030a6f00 R08: ffffffff814257f5 R09: 1ffffffff1f5dbbd
R10: dffffc0000000000 R11: fffffbfff1f5dbbe R12: ffffffff947c7df8
R13: 1ffff92000614dc8 R14: 0000000000000206 R15: ffffc900030a6e60
lockdep_unregister_key+0x4b7/0x540 kernel/locking/lockdep.c:6541
__qdisc_destroy+0x165/0x410 net/sched/sch_generic.c:1079
mqprio_attach+0x130/0x240 net/sched/sch_mqprio.c:444
qdisc_graft+0x128a/0x1580 net/sched/sch_api.c:1176
tc_modify_qdisc+0xf47/0x1e40 net/sched/sch_api.c:1788
rtnetlink_rcv_msg+0x892/0x1170 net/core/rtnetlink.c:6726
netlink_rcv_skb+0x1e3/0x430 net/netlink/af_netlink.c:2550
netlink_unicast_kernel net/netlink/af_netlink.c:1331 [inline]
netlink_unicast+0x7f0/0x990 net/netlink/af_netlink.c:1357
netlink_sendmsg+0x8e4/0xcb0 net/netlink/af_netlink.c:1901
sock_sendmsg_nosec net/socket.c:730 [inline]
__sock_sendmsg+0x221/0x270 net/socket.c:745
____sys_sendmsg+0x525/0x7d0 net/socket.c:2597
___sys_sendmsg net/socket.c:2651 [inline]
__sys_sendmsg+0x2b0/0x3a0 net/socket.c:2680
do_syscall_x64 arch/x86/entry/common.c:52 [inline]
do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f170507d0a9
RSP: 002b:00007f1705ea70c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
RAX: ffffffffffffffda RBX: 00007f17051b3f80 RCX: 00007f170507d0a9
RDX: 0000000000000000 RSI: 0000000020000200 RDI: 0000000000000004
RBP: 00007f17050ec074 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 000000000000000b R14: 00007f17051b3f80 R15: 00007ffeefe02948
Showing all locks held in the system:
2 locks held by getty/4858:
#0: ffff88802b1b50a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 drivers/tty/tty_ldisc.c:243
#1: ffffc9000312b2f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6b5/0x1e10 drivers/tty/n_tty.c:2211
4 locks held by syz-executor.1/5117:
3 locks held by kworker/u8:10/10393:
2 locks held by kworker/u8:14/10396:
1 lock held by syz-executor.3/10518:
3 locks held by syz-executor.2/10522:
#0: ffffc90000007c00 (net/core/rtnetlink.c:82){+.-.}-{0:0}, at: call_timer_fn+0xc0/0x650 kernel/time/timer.c:1789
#1: ffffffff8e3357a0 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire include/linux/rcupdate.h:333 [inline]
#1: ffffffff8e3357a0 (rcu_read_lock){....}-{1:2}, at: rcu_read_lock include/linux/rcupdate.h:845 [inline]
#1: ffffffff8e3357a0 (rcu_read_lock){....}-{1:2}, at: report_rtnl_holders+0x20/0x2d0 net/core/rtnetlink.c:95
#2: ffffffff8e3357a0 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire include/linux/rcupdate.h:333 [inline]
#2: ffffffff8e3357a0 (rcu_read_lock){....}-{1:2}, at: rcu_read_lock include/linux/rcupdate.h:845 [inline]
#2: ffffffff8e3357a0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0 kernel/locking/lockdep.c:6688
4 locks held by syz-executor.0/10530:
=============================================
DEBUG: holding rtnl_mutex for 11044 jiffies.
task:syz-executor.3 state:R running task stack:22736 pid:10518 tgid:10517 ppid:8697 flags:0x00004006
Call Trace:
context_switch kernel/sched/core.c:5249 [inline]
__schedule+0x17e8/0x4a20 kernel/sched/core.c:6594
preempt_schedule_irq+0xfb/0x1c0 kernel/sched/core.c:6916
irqentry_exit+0x5e/0x90 kernel/entry/common.c:354
asm_sysvec_reschedule_ipi+0x1a/0x20 arch/x86/include/asm/idtentry.h:707
RIP: 0010:synchronize_rcu+0x0/0x360 kernel/rcu/tree.c:3965
Code: e1 07 80 c1 03 38 c1 0f 8c 97 fe ff ff 4c 89 f7 e8 a5 15 80 00 e9 8a fe ff ff 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1e fa 55 48 89 e5 41 57 41 56 41 55 41 54 53 48 83 e4 e0 48
RSP: 0018:ffffc900030a6e18 EFLAGS: 00000206
RAX: dffffc0000000000 RBX: 1ffff92000614dcc RCX: ffffffff947dc803
RDX: 0000777d58bc7d01 RSI: ffffffff8bcad580 RDI: ffffffff8c206c80
RBP: ffffc900030a6f00 R08: ffffffff814257f5 R09: 1ffffffff1f5dbbd
R10: dffffc0000000000 R11: fffffbfff1f5dbbe R12: ffffffff947c7df8
R13: 1ffff92000614dc8 R14: 0000000000000206 R15: ffffc900030a6e60
lockdep_unregister_key+0x4b7/0x540 kernel/locking/lockdep.c:6541
__qdisc_destroy+0x165/0x410 net/sched/sch_generic.c:1079
mqprio_attach+0x130/0x240 net/sched/sch_mqprio.c:444
qdisc_graft+0x128a/0x1580 net/sched/sch_api.c:1176
tc_modify_qdisc+0xf47/0x1e40 net/sched/sch_api.c:1788
rtnetlink_rcv_msg+0x892/0x1170 net/core/rtnetlink.c:6726
netlink_rcv_skb+0x1e3/0x430 net/netlink/af_netlink.c:2550
netlink_unicast_kernel net/netlink/af_netlink.c:1331 [inline]
netlink_unicast+0x7f0/0x990 net/netlink/af_netlink.c:1357
netlink_sendmsg+0x8e4/0xcb0 net/netlink/af_netlink.c:1901
sock_sendmsg_nosec net/socket.c:730 [inline]
__sock_sendmsg+0x221/0x270 net/socket.c:745
____sys_sendmsg+0x525/0x7d0 net/socket.c:2597
___sys_sendmsg net/socket.c:2651 [inline]
__sys_sendmsg+0x2b0/0x3a0 net/socket.c:2680
do_syscall_x64 arch/x86/entry/common.c:52 [inline]
do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f170507d0a9
RSP: 002b:00007f1705ea70c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
RAX: ffffffffffffffda RBX: 00007f17051b3f80 RCX: 00007f170507d0a9
RDX: 0000000000000000 RSI: 0000000020000200 RDI: 0000000000000004
RBP: 00007f17050ec074 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 000000000000000b R14: 00007f17051b3f80 R15: 00007ffeefe02948
Showing all locks held in the system:
2 locks held by getty/4858:
#0: ffff88802b1b50a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 drivers/tty/tty_ldisc.c:243
#1: ffffc9000312b2f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6b5/0x1e10 drivers/tty/n_tty.c:2211
4 locks held by syz-executor.1/5117:
3 locks held by kworker/u8:10/10393:
2 locks held by kworker/u8:14/10396:
1 lock held by syz-executor.3/10518:
3 locks held by syz-executor.2/10522:
#0: ffffc90000007c00 (net/core/rtnetlink.c:82){+.-.}-{0:0}, at: call_timer_fn+0xc0/0x650 kernel/time/timer.c:1789
#1: ffffffff8e3357a0 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire include/linux/rcupdate.h:333 [inline]
#1: ffffffff8e3357a0 (rcu_read_lock){....}-{1:2}, at: rcu_read_lock include/linux/rcupdate.h:845 [inline]
#1: ffffffff8e3357a0 (rcu_read_lock){....}-{1:2}, at: report_rtnl_holders+0x20/0x2d0 net/core/rtnetlink.c:95
#2: ffffffff8e3357a0 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire include/linux/rcupdate.h:333 [inline]
#2: ffffffff8e3357a0 (rcu_read_lock){....}-{1:2}, at: rcu_read_lock include/linux/rcupdate.h:845 [inline]
#2: ffffffff8e3357a0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0 kernel/locking/lockdep.c:6688
1 lock held by syz-executor.2/10526:
4 locks held by syz-executor.0/10530:
=============================================
DEBUG: holding rtnl_mutex for 11212 jiffies.
task:syz-executor.3 state:R running task stack:22736 pid:10518 tgid:10517 ppid:8697 flags:0x00004006
Call Trace:
context_switch kernel/sched/core.c:5249 [inline]
__schedule+0x17e8/0x4a20 kernel/sched/core.c:6594
preempt_schedule_irq+0xfb/0x1c0 kernel/sched/core.c:6916
irqentry_exit+0x5e/0x90 kernel/entry/common.c:354
asm_sysvec_reschedule_ipi+0x1a/0x20 arch/x86/include/asm/idtentry.h:707
RIP: 0010:synchronize_rcu+0x0/0x360 kernel/rcu/tree.c:3965
Code: e1 07 80 c1 03 38 c1 0f 8c 97 fe ff ff 4c 89 f7 e8 a5 15 80 00 e9 8a fe ff ff 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1e fa 55 48 89 e5 41 57 41 56 41 55 41 54 53 48 83 e4 e0 48
RSP: 0018:ffffc900030a6e18 EFLAGS: 00000206
RAX: dffffc0000000000 RBX: 1ffff92000614dcc RCX: ffffffff947dc803
RDX: 0000777d58bc7d01 RSI: ffffffff8bcad580 RDI: ffffffff8c206c80
RBP: ffffc900030a6f00 R08: ffffffff814257f5 R09: 1ffffffff1f5dbbd
R10: dffffc0000000000 R11: fffffbfff1f5dbbe R12: ffffffff947c7df8
R13: 1ffff92000614dc8 R14: 0000000000000206 R15: ffffc900030a6e60
lockdep_unregister_key+0x4b7/0x540 kernel/locking/lockdep.c:6541
__qdisc_destroy+0x165/0x410 net/sched/sch_generic.c:1079
mqprio_attach+0x130/0x240 net/sched/sch_mqprio.c:444
qdisc_graft+0x128a/0x1580 net/sched/sch_api.c:1176
tc_modify_qdisc+0xf47/0x1e40 net/sched/sch_api.c:1788
rtnetlink_rcv_msg+0x892/0x1170 net/core/rtnetlink.c:6726
netlink_rcv_skb+0x1e3/0x430 net/netlink/af_netlink.c:2550
netlink_unicast_kernel net/netlink/af_netlink.c:1331 [inline]
netlink_unicast+0x7f0/0x990 net/netlink/af_netlink.c:1357
netlink_sendmsg+0x8e4/0xcb0 net/netlink/af_netlink.c:1901
sock_sendmsg_nosec net/socket.c:730 [inline]
__sock_sendmsg+0x221/0x270 net/socket.c:745
____sys_sendmsg+0x525/0x7d0 net/socket.c:2597
___sys_sendmsg net/socket.c:2651 [inline]
__sys_sendmsg+0x2b0/0x3a0 net/socket.c:2680
do_syscall_x64 arch/x86/entry/common.c:52 [inline]
do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f170507d0a9
RSP: 002b:00007f1705ea70c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
RAX: ffffffffffffffda RBX: 00007f17051b3f80 RCX: 00007f170507d0a9
RDX: 0000000000000000 RSI: 0000000020000200 RDI: 0000000000000004
RBP: 00007f17050ec074 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 000000000000000b R14: 00007f17051b3f80 R15: 00007ffeefe02948
Showing all locks held in the system:
2 locks held by getty/4858:
#0: ffff88802b1b50a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 drivers/tty/tty_ldisc.c:243
#1: ffffc9000312b2f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6b5/0x1e10 drivers/tty/n_tty.c:2211
4 locks held by syz-executor.1/5117:
3 locks held by kworker/u8:10/10393:
2 locks held by kworker/u8:14/10396:
1 lock held by syz-executor.3/10518:
3 locks held by syz-executor.2/10523:
#0: ffffc90000007c00 (net/core/rtnetlink.c:82){+.-.}-{0:0}, at: call_timer_fn+0xc0/0x650 kernel/time/timer.c:1789
#1: ffffffff8e3357a0 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire include/linux/rcupdate.h:333 [inline]
#1: ffffffff8e3357a0 (rcu_read_lock){....}-{1:2}, at: rcu_read_lock include/linux/rcupdate.h:845 [inline]
#1: ffffffff8e3357a0 (rcu_read_lock){....}-{1:2}, at: report_rtnl_holders+0x20/0x2d0 net/core/rtnetlink.c:95
#2: ffffffff8e3357a0 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire include/linux/rcupdate.h:333 [inline]
#2: ffffffff8e3357a0 (rcu_read_lock){....}-{1:2}, at: rcu_read_lock include/linux/rcupdate.h:845 [inline]
#2: ffffffff8e3357a0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0 kernel/locking/lockdep.c:6688
4 locks held by syz-executor.0/10530:
=============================================
DEBUG: holding rtnl_mutex for 11380 jiffies.
task:syz-executor.3 state:R running task stack:22736 pid:10518 tgid:10517 ppid:8697 flags:0x00004006
Call Trace:
context_switch kernel/sched/core.c:5249 [inline]
__schedule+0x17e8/0x4a20 kernel/sched/core.c:6594
preempt_schedule_irq+0xfb/0x1c0 kernel/sched/core.c:6916
irqentry_exit+0x5e/0x90 kernel/entry/common.c:354
asm_sysvec_reschedule_ipi+0x1a/0x20 arch/x86/include/asm/idtentry.h:707
RIP: 0010:synchronize_rcu+0x0/0x360 kernel/rcu/tree.c:3965
Code: e1 07 80 c1 03 38 c1 0f 8c 97 fe ff ff 4c 89 f7 e8 a5 15 80 00 e9 8a fe ff ff 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1e fa 55 48 89 e5 41 57 41 56 41 55 41 54 53 48 83 e4 e0 48
RSP: 0018:ffffc900030a6e18 EFLAGS: 00000206
RAX: dffffc0000000000 RBX: 1ffff92000614dcc RCX: ffffffff947dc803
RDX: 0000777d58bc7d01 RSI: ffffffff8bcad580 RDI: ffffffff8c206c80
RBP: ffffc900030a6f00 R08: ffffffff814257f5 R09: 1ffffffff1f5dbbd
R10: dffffc0000000000 R11: fffffbfff1f5dbbe R12: ffffffff947c7df8
R13: 1ffff92000614dc8 R14: 0000000000000206 R15: ffffc900030a6e60
lockdep_unregister_key+0x4b7/0x540 kernel/locking/lockdep.c:6541
__qdisc_destroy+0x165/0x410 net/sched/sch_generic.c:1079
mqprio_attach+0x130/0x240 net/sched/sch_mqprio.c:444
qdisc_graft+0x128a/0x1580 net/sched/sch_api.c:1176
tc_modify_qdisc+0xf47/0x1e40 net/sched/sch_api.c:1788
rtnetlink_rcv_msg+0x892/0x1170 net/core/rtnetlink.c:6726
netlink_rcv_skb+0x1e3/0x430 net/netlink/af_netlink.c:2550
netlink_unicast_kernel net/netlink/af_netlink.c:1331 [inline]
netlink_unicast+0x7f0/0x990 net/netlink/af_netlink.c:1357
netlink_sendmsg+0x8e4/0xcb0 net/netlink/af_netlink.c:1901
sock_sendmsg_nosec net/socket.c:730 [inline]
__sock_sendmsg+0x221/0x270 net/socket.c:745
____sys_sendmsg+0x525/0x7d0 net/socket.c:2597
___sys_sendmsg net/socket.c:2651 [inline]
__sys_sendmsg+0x2b0/0x3a0 net/socket.c:2680
do_syscall_x64 arch/x86/entry/common.c:52 [inline]
do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f170507d0a9
RSP: 002b:00007f1705ea70c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
RAX: ffffffffffffffda RBX: 00007f17051b3f80 RCX: 00007f170507d0a9
RDX: 0000000000000000 RSI: 0000000020000200 RDI: 0000000000000004
RBP: 00007f17050ec074 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 000000000000000b R14: 00007f17051b3f80 R15: 00007ffeefe02948
Showing all locks held in the system:
2 locks held by getty/4858:
#0: ffff88802b1b50a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 drivers/tty/tty_ldisc.c:243
#1: ffffc9000312b2f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6b5/0x1e10 drivers/tty/n_tty.c:2211
4 locks held by syz-executor.1/5117:
3 locks held by kworker/u8:10/10393:
2 locks held by kworker/u8:14/10396:
1 lock held by syz-executor.3/10518:
3 locks held by syz-executor.2/10523:
#0: ffffc90000007c00 (net/core/rtnetlink.c:82){+.-.}-{0:0}, at: call_timer_fn+0xc0/0x650 kernel/time/timer.c:1789
#1: ffffffff8e3357a0 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire include/linux/rcupdate.h:333 [inline]
#1: ffffffff8e3357a0 (rcu_read_lock){....}-{1:2}, at: rcu_read_lock include/linux/rcupdate.h:845 [inline]
#1: ffffffff8e3357a0 (rcu_read_lock){....}-{1:2}, at: report_rtnl_holders+0x20/0x2d0 net/core/rtnetlink.c:95
#2: ffffffff8e3357a0 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire include/linux/rcupdate.h:333 [inline]
#2: ffffffff8e3357a0 (rcu_read_lock){....}-{1:2}, at: rcu_read_lock include/linux/rcupdate.h:845 [inline]
#2: ffffffff8e3357a0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0 kernel/locking/lockdep.c:6688
4 locks held by syz-executor.0/10530:
=============================================
DEBUG: holding rtnl_mutex for 11548 jiffies.
task:syz-executor.3 state:R running task stack:22736 pid:10518 tgid:10517 ppid:8697 flags:0x00004006
Call Trace:
context_switch kernel/sched/core.c:5249 [inline]
__schedule+0x17e8/0x4a20 kernel/sched/core.c:6594
preempt_schedule_irq+0xfb/0x1c0 kernel/sched/core.c:6916
irqentry_exit+0x5e/0x90 kernel/entry/common.c:354
asm_sysvec_reschedule_ipi+0x1a/0x20 arch/x86/include/asm/idtentry.h:707
RIP: 0010:synchronize_rcu+0x0/0x360 kernel/rcu/tree.c:3965
Code: e1 07 80 c1 03 38 c1 0f 8c 97 fe ff ff 4c 89 f7 e8 a5 15 80 00 e9 8a fe ff ff 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1e fa 55 48 89 e5 41 57 41 56 41 55 41 54 53 48 83 e4 e0 48
RSP: 0018:ffffc900030a6e18 EFLAGS: 00000206
RAX: dffffc0000000000 RBX: 1ffff92000614dcc RCX: ffffffff947dc803
RDX: 0000777d58bc7d01 RSI: ffffffff8bcad580 RDI: ffffffff8c206c80
RBP: ffffc900030a6f00 R08: ffffffff814257f5 R09: 1ffffffff1f5dbbd
R10: dffffc0000000000 R11: fffffbfff1f5dbbe R12: ffffffff947c7df8
R13: 1ffff92000614dc8 R14: 0000000000000206 R15: ffffc900030a6e60
lockdep_unregister_key+0x4b7/0x540 kernel/locking/lockdep.c:6541
__qdisc_destroy+0x165/0x410 net/sched/sch_generic.c:1079
mqprio_attach+0x130/0x240 net/sched/sch_mqprio.c:444
qdisc_graft+0x128a/0x1580 net/sched/sch_api.c:1176
tc_modify_qdisc+0xf47/0x1e40 net/sched/sch_api.c:1788
rtnetlink_rcv_msg+0x892/0x1170 net/core/rtnetlink.c:6726
netlink_rcv_skb+0x1e3/0x430 net/netlink/af_netlink.c:2550
netlink_unicast_kernel net/netlink/af_netlink.c:1331 [inline]
netlink_unicast+0x7f0/0x990 net/netlink/af_netlink.c:1357
netlink_sendmsg+0x8e4/0xcb0 net/netlink/af_netlink.c:1901
sock_sendmsg_nosec net/socket.c:730 [inline]
__sock_sendmsg+0x221/0x270 net/socket.c:745
____sys_sendmsg+0x525/0x7d0 net/socket.c:2597
___sys_sendmsg net/socket.c:2651 [inline]
__sys_sendmsg+0x2b0/0x3a0 net/socket.c:2680
do_syscall_x64 arch/x86/entry/common.c:52 [inline]
do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f170507d0a9
RSP: 002b:00007f1705ea70c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
RAX: ffffffffffffffda RBX: 00007f17051b3f80 RCX: 00007f170507d0a9
RDX: 0000000000000000 RSI: 0000000020000200 RDI: 0000000000000004
RBP: 00007f17050ec074 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 000000000000000b R14: 00007f17051b3f80 R15: 00007ffeefe02948
Showing all locks held in the system:
2 locks held by getty/4858:
#0: ffff88802b1b50a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 drivers/tty/tty_ldisc.c:243
#1: ffffc9000312b2f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6b5/0x1e10 drivers/tty/n_tty.c:2211
4 locks held by syz-executor.1/5117:
3 locks held by kworker/u8:10/10393:
2 locks held by kworker/u8:14/10396:
1 lock held by syz-executor.3/10518:
3 locks held by syz-executor.2/10523:
#0: ffffc90000007c00 (net/core/rtnetlink.c:82){+.-.}-{0:0}, at: call_timer_fn+0xc0/0x650 kernel/time/timer.c:1789
#1: ffffffff8e3357a0 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire include/linux/rcupdate.h:333 [inline]
#1: ffffffff8e3357a0 (rcu_read_lock){....}-{1:2}, at: rcu_read_lock include/linux/rcupdate.h:845 [inline]
#1: ffffffff8e3357a0 (rcu_read_lock){....}-{1:2}, at: report_rtnl_holders+0x20/0x2d0 net/core/rtnetlink.c:95
#2: ffffffff8e3357a0 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire include/linux/rcupdate.h:333 [inline]
#2: ffffffff8e3357a0 (rcu_read_lock){....}-{1:2}, at: rcu_read_lock include/linux/rcupdate.h:845 [inline]
#2: ffffffff8e3357a0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0 kernel/locking/lockdep.c:6688
4 locks held by syz-executor.0/10530:
=============================================
DEBUG: holding rtnl_mutex for 11716 jiffies.
task:syz-executor.3 state:R running task stack:22736 pid:10518 tgid:10517 ppid:8697 flags:0x00004006
Call Trace:
context_switch kernel/sched/core.c:5249 [inline]
__schedule+0x17e8/0x4a20 kernel/sched/core.c:6594
preempt_schedule_irq+0xfb/0x1c0 kernel/sched/core.c:6916
irqentry_exit+0x5e/0x90 kernel/entry/common.c:354
asm_sysvec_reschedule_ipi+0x1a/0x20 arch/x86/include/asm/idtentry.h:707
RIP: 0010:synchronize_rcu+0x0/0x360 kernel/rcu/tree.c:3965
Code: e1 07 80 c1 03 38 c1 0f 8c 97 fe ff ff 4c 89 f7 e8 a5 15 80 00 e9 8a fe ff ff 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1e fa 55 48 89 e5 41 57 41 56 41 55 41 54 53 48 83 e4 e0 48
RSP: 0018:ffffc900030a6e18 EFLAGS: 00000206
RAX: dffffc0000000000 RBX: 1ffff92000614dcc RCX: ffffffff947dc803
RDX: 0000777d58bc7d01 RSI: ffffffff8bcad580 RDI: ffffffff8c206c80
RBP: ffffc900030a6f00 R08: ffffffff814257f5 R09: 1ffffffff1f5dbbd
R10: dffffc0000000000 R11: fffffbfff1f5dbbe R12: ffffffff947c7df8
R13: 1ffff92000614dc8 R14: 0000000000000206 R15: ffffc900030a6e60
lockdep_unregister_key+0x4b7/0x540 kernel/locking/lockdep.c:6541